Topic: Little help with Wireguard Roadwarrior please (Read 1743 times)
Yoora, October 15, 2021, 06:25:58 pm
Hi Everyone!
I just started using opnsense and have been playing around and reading a lot for the past few days. I'm new to this and learned a lot!
So far I have my router up and running including a wireguard VPN to WAN using this guide: https://imgur.com/gallery/JBf2RF6 (found it more informative than the standard documentation).
For DNS I'm using Unbound with network interfaces set to All and Outgoing Network interfaces set to my first Wireguard interface to avoid DNS leaks.
I'm now making a 2nd Wireguard interface for a Roadwarrior setup to allow friends access to specific folders on my NAS.
I'm using this guide: https://homenetworkguy.com/how-to/configure-wireguard-opnsense/#_ which is based on the standard documentation found here: https://docs.opnsense.org/manual/how-tos/wireguard-client.html
Only a little more detailed on the client side.
So far my set up is:
In opnsense
[Local]
Tunnel Address= 10.0.0.1/24
PrivateKey = yH...
PublicKey = EL...
ListenPort = 51821
DNS = empty
Disable routes = checked
Gateway = 10.13.109.124
[Endpoint]
PublicKey = ix...
AllowedIPs = 10.0.0.2/32
Endpoint Port = 51821
On Android
[Interface]
Addresses= 10.0.0.2/32
PrivateKey = XX...
PublicKey = ix...
ListenPort = 51821
DNS = empty
MTU = auto
[Endpoint]
PublicKey = EL...
Persistent keepalive = 25
Endpoint = ...ddns.net:51821 (personal ddns)
AllowedIPs = 0.0.0.0/0, ::/0
I've set up the gateway and corresponding interface. As for firewall rules:
I have the Wan Rule from step 6 from the official Roadwarrior guide set up to allow access through the firewall exactly as posted in the documentation. I have also created the WG Interface rule from step 6 and temporarily disabled it to make sure that wasn't the issue.
But for the life of me, I can't get a handshake on this 2nd interface.
I've tried adding DNSes both in opnsense and on Android, changing my unbound DNS to allow every interface both in and out, created this setup multiple times from scratch deleting and remaking everything following the guide exactly in the hopes that I forgot/misread something. I've simply changed the keys a couple of times to make sure I didn't mix anything up. And while typing this all I checked everything again, just to be sure. Somehow, somewhere, I'm missing something and I'm fairly certain it's something simple, but I just don't know where to look anymore.
Can anyone help a girl out and give me some pointers on where to look / what to try? This can't be that hard, can it?
Yoora, Reply #1, October 19, 2021, 01:21:44 pm
Re: Little help with Wireguard Roadwarrior please
For anyone finding this, the official guide works like a charm. The trouble was 1. I made things too difficult using gateways and 2. my ddns wasn't up to date.
Redo the guide without the extra bells and whistles and change my ddns to my WAN IP and voila, we have connection.
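Two checks that correspond to the resolution above (a stale DDNS record and a peer that never handshakes), as an added example that is not part of the original posts. The hostname, the interface name wg1, the IP addresses and the peer keys are constructed placeholders, and the `dig` call assumes bind-tools is available on the machine running the check.

```shell
#!/bin/sh
# Added example, not from the thread: offline-testable checks for a
# road-warrior tunnel that never completes a handshake.

# ddns_matches_wan WAN_IP RESOLVED_IP...
# Succeeds only if the firewall's current WAN address is among the addresses
# the DDNS name resolves to. With a stale record the client sends its
# handshake to the wrong host and the firewall never sees it.
ddns_matches_wan() {
    wan_ip=$1
    shift
    for ip in "$@"; do
        [ "$ip" = "$wan_ip" ] && return 0
    done
    return 1
}

# never_handshaked
# Reads the output of `wg show <interface> latest-handshakes` on stdin
# (one line per peer: public key, tab, epoch seconds) and prints the keys
# of peers whose timestamp is 0, meaning no handshake has ever completed.
never_handshaked() {
    awk '$2 == 0 { print $1 }'
}

# Constructed sample of `wg show wg1 latest-handshakes` output.
# Keys are placeholders, not real public keys.
sample_handshakes() {
    printf 'PEER_KEY_PLACEHOLDER_A=\t1634649704\n'
    printf 'PEER_KEY_PLACEHOLDER_B=\t0\n'
}

# Live usage (hostname, interface and WAN_IP source are assumptions):
#   ddns_matches_wan "$WAN_IP" $(dig +short vpn.example.net) \
#       || echo "DDNS record does not point at the WAN address"
#   wg show wg1 latest-handshakes | never_handshaked
```

If the DDNS check fails, fix the record (or point the client at the WAN IP directly) before changing anything in the WireGuard configuration.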